Author: Vladimir Pecanac

How to Prepare an ASP.NET Core Application for Dockerization

In this part, we are going to apply some modifications to our ASP.NET Core application in order to prepare it for the dockerization process. To follow along with this part you need .NET Core 2.0, Git, an IDE of your choice, and Docker. For the purposes of this article, we are going to re-use the application from our .NET Core Series, more concretely part 6 of the series. The main reason for this decision is that if you are not familiar with the ASP.NET Core, you can go through the series and learn how to make ASP.NET Core WebApi application...

Read More

How to Implement Content Negotiation in ASP.NET Core 2.0

Content negotiation is one of those quality-of-life improvements you can add to your REST API to make it more user-friendly and flexible. And when we design an API, isn’t that what we want to achieve in the first place? There are many things to keep in mind when designing a REST API and we’ve written recently about it in our Top REST API best practices article. Content negotiation is an HTTP feature which has been around for a while, but for one reason or another, it is, maybe, a bit underused. In short, content negotiation lets you choose or rather “negotiate”...

Read More

Top REST API Best Practices

Many giants like Facebook, Google, Github, Netflix, Amazon, and Twitter have their own REST(ful) APIs that you can access to get or even write data. But why all the need for REST? Is it that good and why is it so prevalent? Surely it’s not the only way to convey messages? What is the difference between REST and HTTP? Well, it turns out REST is pretty flexible and compatible with HTTP that is the main protocol the internet is based upon. Since it is an architectural style and not the standard, it provides a lot of freedom to implement various design...

Read More

The HTTP series (Part 5): Security

If you followed along the HTTP series, you are ready now to embark on a journey of HTTP security. And a journey it will be, I promise 🙂 Many companies have been a victim to security breaches. To name just a few prominent ones: Dropbox, Linkedin, MySpace, Adobe, Sony, Forbes and many others were on the receiving end of malicious attacks. Many accounts were compromised and the chances are, at least one of those was yours 🙂 You can actually check that on Have I Been Pwned. My email address was found on 4 different websites that were victims...

Read More

The HTTP series (Part 4): Authentication Mechanisms

In the previous part, we’ve talked about the different ways that websites can use to identify the visiting user. But identification itself represents just a claim. When you identify yourself, you are claiming that you are someone. But there is no proof of that. Authentication, on the other hand, is showing a proof that you are what you claim to be, like showing your personal id or typing in your password. More often than not, the websites need that proof to serve you sensitive resources. HTTP has its own authentication mechanisms that allow the servers to issue challenges and get...

Read More